Slashdot videos: Now with more Slashdot!

View

Discuss

Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

CowboyRobot writes, quoting Information Week: "Eighteen months after its diplomatic cables were exposed in the WikiLeaks breach, the State Department continues to lock down its confidential information, while increasing its use of using social media. The agency is deploying new security technology, including auditing and monitoring tools that detect anomalous activity on the State Department's classified networks and systems. State has also begun tagging information with metadata to enable role-based access to those who need it, and is planning to implement public key infrastructure on its classified systems by the summer of 2014. This is all taking place despite the recent announcement that the IT budget will be cut by nearly 5%."

Yeah, he probably should have specified the unspoken ellipses there--i.e....

"We want Federal agencies to begin sharing as much data as they can. ...With each other... "

In all fairness, SECDEF probably assumed the people he was talking to were competent enough to fill in the blanks (you know, the part about not revealing the data to the Chinese mafia, for example.) Obviously, that assumption was a mistake.

Remember it wasn't a hack. After 9/11, the federal community was told to "share data" and remove the old stovepipes and State did just that - they State shared their cable data with DOD. DOD's controls regarding access were the issue and enabled Manning to do what he did. The focus now is creating a more roles based access policy without inhibiting sharing. It's not as easy as one might think.

At the end of the day, Bradley Manning was a mental trainwreck in a myriad of ways. This wasn't a secret -- he was in the process of being drummed out of the military before his arrest. Seems to me that the human half of the system failed -- someone in Manning's state of crisis should have been cutoff from access to weapons or critical information at some point.

You assume that information was critical. From what I've heard it was on a central repository that a few hundred thousand government employees had access to. It wasn't a place for really secret stuff, and it's likely that most major powers already had those files. The only damage done was that the public got to know about them.

This is the angle that so few people in our country seem to get... Nothing that Manning released was really all that "critical" to fighting a war. It was critical, however, in exposing the government's bottomless bucket of lies on the subject. So, obviously, Manning must die.

Many security breaches can be prevented if we just follow the guidelines that are in place. If you look at the case of Sub-Lieutenant Jeffrey Delisle [www.cbc.ca] there were some indicators [nationalpost.com] such as his divorce and bankruptcy which are red flags.

In Delisle's case he was caught, but it is not clear how much info he sold.

Yet a third case of Security Officials dropping the ball is John Walker [wikipedia.org] who I believe was turned in by his wife. This guy at one point didn't even try to keep his clearance updated!

So, in the end it falls to the procedures we have in place. If we don't consistently follow them, we pay the consequences.

Their entire problem was too many secrets which meant too many people had to have access to a system containing both information that didn't really need to be secret (but a lot of people need to do their jobs) and actual sensitive information (which only a few need access to). When you have close to one million people with access the information is going to get out to anyone that cares and has the resources to convince people to give them the information. I very much doubt Manning was the first to pass a lot of that information to a third party in even the year it happened, especially since he was free for so long after the incident and did very little to hide what he was doing. His actions were lost in the noise of nearly a million people accessing that system. Perhaps some sort of central agency in charge of intelligence should be formed to replace the one that is supposed to be distributing the information but has failed spectacularly yet again.What Manning did is not really a huge crime, he just distributed some stuff that he had very easy access to. The only reason it is a big deal is the negligence that meant he had access to enough to cause embarrassment and so we get the disproportionate response of "might makes right" that belongs more in China than in a State that respects the rule of law. He's leaked information that the Secretary of State is unfit for the position due to little respect for the rule of law (directing agents to get credit card numbers of diplomats), so it's probably to be expected if disappointing.